GitLab open sources its Web IDE in GitLab 10.7

GitLab Web IDE, aimed to simplify the workflow of accepting merge requests, is now available in GitLab 10.7, along with other features focused on improving C++ and Go code security and improving Kubernetes integration.

The GitLab Web IDE was initially released as a beta in GitLab 10.4 Ultimate. The primary goal of this IDE was to streamline the workflow to contribute small fixes and to resolve merge requests. This allowed developers to contribute without storing their changes and switching to a new branch locally, then back.This could be of particular interest to developers who have a significant number of PRs to review, as well as to developers starting their journey with Git.

GitLab Web IDE has the familiar layout of many graphical IDEs, with a left panel showing the files belonging to the project and a middle panel allowing to view and edit their contents. The right panel in GitLab Web IDE is the commit panel, which allows developers to keep track of which files make up the commit, to review changes, edit the commit message, and control whether the commit goes to the master branch or to a new branch, and whether to merge the changes or not.

GitLab has made its Web IDE open source with the goal of letting the developer community contribute to its development and improvement. Setting up a local development environment, or needing to stash changes and switch branches locally, can add friction to the development process. Using the Web IDE you can change multiple files, preview Markdown, review the changes and commit directly all from a browser. You can even open the diff from a merge request and get a side by side view of the changes. The latest release of Web IDE comes with performance improvements and the ability to contribute small fixes and resolve merge request feedback.

GitLab 10.7 also released SAST for Go and C/C++

Additionally, GitLab 10.7 also extends GitLab Static Application Security Testing (SAST) by adding support for C/ C++ and Go. GitLab SAST is a set of security tools aimed to analyze source code to detect known vulnerabilities. In addition to C/C++ and Go, SAST supports Python, Java, and Ruby on Rails. GitLab SAST is somewhat reminiscent of GitHub Security Alerts, which support Ruby and JavaScript, while Python support is in the workings.

Another interesting change brought by GitLab 10.7 is Deploy Tokens, which provides support for long-lived read-only authenticated sessions for specific needs, such as when using Kubernetes to orchestrate a bunch of containers in a CI pipeline. Indeed, to flawlessly handle pod restarts and auto scaling, Kubernetes requires ongoing access to the container registry. This was previously available through CI job token, which had the downside of expiring once Kubernetes completed its task. As a workaround, personal access tokens could be used, but this could be undesirable when the access token had to be shared among multiple users. Deploy token provides a solution to both limitations.

GitLab 10.7 includes many more new features, such as parametrized CI/CD control flow, project badges, subgroup issues boards, and others. Do not miss the official announcement for full details.